Securing Tomorrow’s IoT Devices: The New Potential for Integrating Sophisticated Security Functions Into the Microcontroller

Internet of Things (IoT) devices, which transmit and receive data and commands over the world’s universal network, are exposed to a far greater variety and number of threats than earlier products that supported older machine-to-machine (M2M) communication, typically over a closed, private network.

The security functions and resources required to protect an IoT device against these security threats are today available in specialized, discrete ICs such as:
• a secure element – a system-on-chip combining a microcontroller with on-board cryptographic capabilities, secure memory and interfaces
• secure non-volatile memory ICs, which typically feature a cryptographic engine for pairing the memory securely to authorized devices

However, the use of such discrete ICs in IoT devices has the effect of increasing their component count, complexity and bill-of-materials cost compared to designs that use the integrated security capabilities of the host MCU (or in some cases an applications processor).

The crucial question for IoT device designers, then, is whether the capabilities of the host MCU are sufficient to counter the threats of spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege.

This paper examines the real-world security requirements of consumer and industrial IoT devices, and describes the security technologies that the next generation of MCUs for the IoT need to offer in order to meet these requirements.
The paper:
• outlines a ‘layers’ model of device security, aligning secure product functionality with secure business processes
• details the core security functions required to minimize vulnerabilities, including security policies, cryptography and tamper resistance
• raises important questions for a system implementation integrated into an MCU, such as: Can cryptographic keys be stored securely? Are hardware acceleration blocks for standard cryptographic algorithms such as RSA, ECC, AES and SHA available? Is there a true random number generator (TRNG)? Is it certified? Is it possible to detect physical tampering with the host device?

It then describes the capabilities required to support the essential security functions in a single MCU while also enabling adequate implementation of the core application. It examines the effect of architecture, and the benefit of dual-core MCU implementations. It also describes the need for on-chip hardware-based secure memory provision to give an additional level of protection against unauthorized access, as well as analog processing capabilities to enable hardware tamper detection.